feat(helm): update external-secrets ( 0.9.14 → 0.10.3 )

[renovate]

This PR contains the following updates:

Package	Update	Change
external-secrets	minor	0.9.14 -> 0.10.3

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

external-secrets/external-secrets (external-secrets)

v0.10.3

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.10.3
Image: ghcr.io/external-secrets/external-secrets:v0.10.3-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.10.3-ubi-boringssl

What's Changed

• release: update helm charts to version v0.10.2 by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3846
• Use Conjur API's built in JWT functions by @​szh in https://github.com/external-secrets/external-secrets/pull/3771
• fix: set grpc resolver explicitly in yandex by @​stek29 in https://github.com/external-secrets/external-secrets/pull/3838
• Add values.schema.json generation to Helm chart by @​PrateekKumar1709 in https://github.com/external-secrets/external-secrets/pull/3774
• fix: only replace data if it is in the middle of the path by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3852
• fix: bitwarden API url to point to the correct default location by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3848
• feat: update bitwarden server sdk chart version by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3850
• chore(deps): bump github/codeql-action from 3.26.5 to 3.26.6 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3855
• chore(deps): bump actions/setup-python from 5.1.1 to 5.2.0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3856
• chore(deps): bump mkdocs-material from 9.5.33 to 9.5.34 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3857
• chore(deps): bump mkdocs from 1.6.0 to 1.6.1 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3858
• chore(deps): bump watchdog from 4.0.2 to 5.0.0 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3861
• chore(deps): bump certifi from 2024.7.4 to 2024.8.30 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3859
• chore(deps): bump zipp from 3.20.0 to 3.20.1 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3860
• chore: update dependencies by @​eso-service-account-app in https://github.com/external-secrets/external-secrets/pull/3862
• Add blog post about ESO and IBM Secrets Manager by @​sali2801 in https://github.com/external-secrets/external-secrets/pull/3867
• Removed duplicate and deprecated API spec page by @​7Pawns in https://github.com/external-secrets/external-secrets/pull/3868
• Delinea provider is listed twice on the documentation page, and Delin… by @​oscerd in https://github.com/external-secrets/external-secrets/pull/3874
• Updated supported versions table for 0.10 release by @​shazib-summar in https://github.com/external-secrets/external-secrets/pull/3873
• feat: adds scarf to docs by @​gusfcarvalho in https://github.com/external-secrets/external-secrets/pull/3876
• docs: Update sponsors by @​gusfcarvalho in https://github.com/external-secrets/external-secrets/pull/3877
• chore: add eso tools page by @​Sn0rt in https://github.com/external-secrets/external-secrets/pull/3870
• New Generator for UUIDs by @​aschaber1 in https://github.com/external-secrets/external-secrets/pull/3296
• fix: update uuids.generator shortname by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3883
• chore(deps): bump alpine from 0a4eaa0 to beefdbd in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3884
• chore(deps): bump alpine from 0a4eaa0 to beefdbd by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3886
• chore(deps): bump distroless/static from ce46866 to 95eb83a by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3887
• chore(deps): bump golang from 1.23.0 to 1.23.1 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3888
• chore(deps): bump golang from 1.23.0-bookworm to 1.23.1-bookworm in /e2e by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3889
• chore(deps): bump alpine from 3.20.2 to 3.20.3 in /e2e by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3890
• chore(deps): bump watchdog from 5.0.0 to 5.0.2 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3891
• chore(deps): bump platformdirs from 4.2.2 to 4.3.2 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3892
• chore: update dependencies by @​eso-service-account-app in https://github.com/external-secrets/external-secrets/pull/3893

New Contributors

• @​stek29 made their first contribution in https://github.com/external-secrets/external-secrets/pull/3838
• @​sali2801 made their first contribution in https://github.com/external-secrets/external-secrets/pull/3867
• @​7Pawns made their first contribution in https://github.com/external-secrets/external-secrets/pull/3868
• @​oscerd made their first contribution in https://github.com/external-secrets/external-secrets/pull/3874
• @​Sn0rt made their first contribution in https://github.com/external-secrets/external-secrets/pull/3870

Full Changelog: external-secrets/external-secrets@v0.10.2...v0.10.3

v0.10.2

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.10.2
Image: ghcr.io/external-secrets/external-secrets:v0.10.2-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.10.2-ubi-boringssl

What's Changed

• release: update helm charts to version v0.10.1 by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3842
• fix: add watch to validatingwebhookconfigs by @​gusfcarvalho in https://github.com/external-secrets/external-secrets/pull/3845

Full Changelog: external-secrets/external-secrets@v0.10.1...v0.10.2

v0.10.1

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.10.1
Image: ghcr.io/external-secrets/external-secrets:v0.10.1-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.10.1-ubi-boringssl

What's Changed

• release: update helm chart to v0.10.0 by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3758
• doc: add maintainer of the bitwarden secret manager provider by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3762
• chore(deps): bump mkdocs-material from 9.5.30 to 9.5.31 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3763
• fix: decrypt remote parameter for SecureString type by @​vsantos in https://github.com/external-secrets/external-secrets/pull/3761
• chore: update dependencies by @​eso-service-account-app in https://github.com/external-secrets/external-secrets/pull/3766
• chore(deps): bump golangci/golangci-lint-action from 6.0.1 to 6.1.0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3765
• chore(deps): bump docker/setup-buildx-action from 3.5.0 to 3.6.1 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3764
• feat: add beyondtrust provider by @​btfhernandez in https://github.com/external-secrets/external-secrets/pull/3683
• chore: add minimal policy for fetching parameters from ssm by @​KrisJohnstone in https://github.com/external-secrets/external-secrets/pull/3770
• Add Grafana Labs to ADOPTERS.md by @​Duologic in https://github.com/external-secrets/external-secrets/pull/3787
• chore(deps): bump golang from 1.22.5 to 1.22.6 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3778
• chore(deps): bump pyyaml from 6.0.1 to 6.0.2 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3779
• chore(deps): bump zipp from 3.19.2 to 3.20.0 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3780
• chore(deps): bump babel from 2.15.0 to 2.16.0 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3781
• chore(deps): bump golang from 1.22.5-bookworm to 1.22.6-bookworm in /e2e by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3783
• chore(deps): bump github/codeql-action from 3.25.15 to 3.26.0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3784
• chore(deps): bump fossas/fossa-action from 1.3.3 to 1.4.0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3785
• chore(deps): bump watchdog from 4.0.1 to 4.0.2 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3782
• chore: update dependencies by @​eso-service-account-app in https://github.com/external-secrets/external-secrets/pull/3786
• chore: update security best practice by @​gusfcarvalho in https://github.com/external-secrets/external-secrets/pull/3794
• feat: add CAProvider to Bitwarden provider by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3699
• fix: run helm.test.update on main branch by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3816
• chore: update dependencies by @​eso-service-account-app in https://github.com/external-secrets/external-secrets/pull/3815
• chore(deps): bump importlib-resources from 6.4.0 to 6.4.3 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3810
• chore(deps): bump markdown from 3.6 to 3.7 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3811
• Bump helm-docs image version to v1.7.0 in Makefile by @​PrateekKumar1709 in https://github.com/external-secrets/external-secrets/pull/3806
• chore(deps): bump github/codeql-action from 3.26.0 to 3.26.2 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3812
• chore(deps): bump golang from 1.22.6-bookworm to 1.23.0-bookworm in /e2e by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3813
• chore: update go version of the project to 1.23 by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3829
• Use maps package from standard library by @​BooleanCat in https://github.com/external-secrets/external-secrets/pull/3828
• chore: update dependencies by @​eso-service-account-app in https://github.com/external-secrets/external-secrets/pull/3836
• add the resourceNames(git commit -s) by @​younaman in https://github.com/external-secrets/external-secrets/pull/3822
• chore(deps): bump mkdocs-material from 9.5.31 to 9.5.33 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3830
• chore(deps): bump importlib-metadata from 8.2.0 to 8.4.0 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3831
• chore(deps): bump paginate from 0.5.6 to 0.5.7 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3832
• chore(deps): bump golang from 1.22.6 to 1.23.0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3814
• chore(deps): bump github/codeql-action from 3.26.2 to 3.26.5 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3835
• chore(deps): bump idna from 3.7 to 3.8 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3834
• chore(deps): bump importlib-resources from 6.4.3 to 6.4.4 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3833
• feat: implement GetSecretMap for Bitwarden provider by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3800
• Demonstrate new slices/maps packages by @​BooleanCat in https://github.com/external-secrets/external-secrets/pull/3839

New Contributors

• @​btfhernandez made their first contribution in https://github.com/external-secrets/external-secrets/pull/3683
• @​KrisJohnstone made their first contribution in https://github.com/external-secrets/external-secrets/pull/3770
• @​PrateekKumar1709 made their first contribution in https://github.com/external-secrets/external-secrets/pull/3806
• @​BooleanCat made their first contribution in https://github.com/external-secrets/external-secrets/pull/3828
• @​younaman made their first contribution in https://github.com/external-secrets/external-secrets/pull/3822

Full Changelog: external-secrets/external-secrets@v0.10.0...v0.10.1

v0.10.0

Compare Source

⚠️ :red-alert: BREAKING CHANGE :red-alert: ⚠️

• Webhook Generator
  Webhook generator labels have changed from generators.external-secrets.io/type: webhook to external-secrets.io/type: webhook.

• Webhook Provider
  Webhook provider now can only use secrets that are labeled with external-secrets.io/type: webhook. This enforces explicit setup for webhook secrets by users.

Fixing the issue:

add the label for the secret used by the webhook:

apiVersion: v1
kind: Secret
metadata:
  name: your-secret
  labels:
    external-secrets.io/type: webhook ### <<<<<<<<<<<<< ADD THIS
data:
...

Image: ghcr.io/external-secrets/external-secrets:v0.10.0
Image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.10.0-ubi-boringssl

What's Changed

• chore: bump to 0.9.20 by @​gusfcarvalho in https://github.com/external-secrets/external-secrets/pull/3660
• chore(deps): bump golang from 1.22.4 to 1.22.5 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3662
• chore(deps): bump distroless/static from 4197211 to ce46866 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3663
• chore(deps): bump docker/setup-buildx-action from 3.3.0 to 3.4.0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3665
• chore(deps): bump docker/setup-qemu-action from 3.0.0 to 3.1.0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3666
• chore(deps): bump mkdocs-material from 9.5.27 to 9.5.28 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3667
• chore(deps): bump certifi from 2024.6.2 to 2024.7.4 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3668
• chore(deps): bump golang from 1.22.4-bookworm to 1.22.5-bookworm in /e2e by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3669
• chore: update dependencies by @​eso-service-account-app in https://github.com/external-secrets/external-secrets/pull/3670
• sets eso-service-account for creating e2e comments by @​gusfcarvalho in https://github.com/external-secrets/external-secrets/pull/3678
• use github token for the actions check by @​gusfcarvalho in https://github.com/external-secrets/external-secrets/pull/3679
• Add support for Delinea Secret Server by @​pacificcode in https://github.com/external-secrets/external-secrets/pull/3468
• Fix: Only URL encode data being passed to URLs (#​3652) by @​ryanmeans in https://github.com/external-secrets/external-secrets/pull/3674
• Commenting secrets manifest from hashicorp vault integration #​3661 by @​jeffmachado in https://github.com/external-secrets/external-secrets/pull/3680
• docs: Fix namespaceRegexes in full-cluster-secret-store.yaml by @​excalq in https://github.com/external-secrets/external-secrets/pull/3681
• Support for Oracle PushSecret.property #​2911 by @​Aeyk in https://github.com/external-secrets/external-secrets/pull/3577
• support for adding headers in vault provider by @​abhinav1708 in https://github.com/external-secrets/external-secrets/pull/3677
• chore(deps): bump github/codeql-action from 3.25.11 to 3.25.12 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3688
• chore(deps): bump actions/setup-go from 5.0.1 to 5.0.2 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3691
• chore(deps): bump actions/setup-python from 5.1.0 to 5.1.1 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3690
• chore(deps): bump aquasecurity/trivy-action from 0.23.0 to 0.24.0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3689
• chore(deps): bump golang from 8c9183f to 8c9183f by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3687
• chore(deps): bump mkdocs-material from 9.5.28 to 9.5.29 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3692
• fix: aws secretmanager's SecretExists returns true for non-existent secrets by @​mintbomb27 in https://github.com/external-secrets/external-secrets/pull/3684
• chore: update dependencies by @​eso-service-account-app in https://github.com/external-secrets/external-secrets/pull/3693
• Added 2 articles I wrote on AWS secrets injection and ESO templating by @​alinadir44 in https://github.com/external-secrets/external-secrets/pull/3707
• Update docs for namespaceSelectors usage and namespaceSelector deprecation by @​mtougeron in https://github.com/external-secrets/external-secrets/pull/3695
• fix: add namespace to path and route construction by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3632
• chore(deps): bump softprops/action-gh-release from 2.0.6 to 2.0.8 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3708
• chore(deps): bump github/codeql-action from 3.25.12 to 3.25.13 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3709
• Update bitwarden-secrets-manager.md by @​zazathomas in https://github.com/external-secrets/external-secrets/pull/3710
• chore: update dependencies by @​eso-service-account-app in https://github.com/external-secrets/external-secrets/pull/3711
• feat: add PushSecret support for Pulumi ESC by @​dirien in https://github.com/external-secrets/external-secrets/pull/3597
• remove redundant parameter grab call, we already have the data by @​rumenvasilev in https://github.com/external-secrets/external-secrets/pull/3722
• chore(deps): bump docker/login-action from 3.2.0 to 3.3.0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3729
• chore(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3727
• chore(deps): bump docker/setup-buildx-action from 3.4.0 to 3.5.0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3728
• chore(deps): bump docker/setup-qemu-action from 3.1.0 to 3.2.0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3731
• chore(deps): bump github/codeql-action from 3.25.13 to 3.25.15 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3730
• chore(deps): bump alpine from 77726ef to 0a4eaa0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3733
• chore(deps): bump golang from 8c9183f to 0d3653d by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3732
• feat: increase verbosity of error message during validation by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3742
• chore(deps): bump golang from 6c27802 to af9b40f in /e2e by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3734
• chore(deps): bump alpine from 3.20.1 to 3.20.2 in /e2e by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3735
• chore(deps): bump alpine from b89d9c9 to 0a4eaa0 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3736
• chore(deps): bump regex from 2024.5.15 to 2024.7.24 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3737
• chore(deps): bump mkdocs-material from 9.5.29 to 9.5.30 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3738
• chore(deps): bump importlib-metadata from 8.0.0 to 8.2.0 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3739
• chore(deps): bump pymdown-extensions from 10.8.1 to 10.9 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3740
• docs: Remove references to pemCertificate and pemPrivateKey functions by @​trenslow in https://github.com/external-secrets/external-secrets/pull/3744
• chore: update dependencies by @​eso-service-account-app in https://github.com/external-secrets/external-secrets/pull/3741
• docs: Improvements in the ExternalSecret comments in API section by @​c-neto in https://github.com/external-secrets/external-secrets/pull/3725
• feat: add prefix definition to all secret keys for aws parameter store by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3718
• feat: do not modify the secret in case of a NotModified by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3746
• feat: webhook secrets must be labeled by @​gusfcarvalho in https://github.com/external-secrets/external-secrets/pull/3753
• feat: support pkcs12 with chain in pushsecret to Azure KeyVault by @​mysteq in https://github.com/external-secrets/external-secrets/pull/3747
• docs: document fullPemToPkcs12 and fullPemToPkcs12Pass helper functions by @​mysteq in https://github.com/external-secrets/external-secrets/pull/3749

New Contributors

• @​ryanmeans made their first contribution in https://github.com/external-secrets/external-secrets/pull/3674
• @​jeffmachado made their first contribution in https://github.com/external-secrets/external-secrets/pull/3680
• @​excalq made their first contribution in https://github.com/external-secrets/external-secrets/pull/3681
• @​Aeyk made their first contribution in https://github.com/external-secrets/external-secrets/pull/3577
• @​abhinav1708 made their first contribution in https://github.com/external-secrets/external-secrets/pull/3677
• @​mintbomb27 made their first contribution in https://github.com/external-secrets/external-secrets/pull/3684
• @​alinadir44 made their first contribution in https://github.com/external-secrets/external-secrets/pull/3707
• @​mtougeron made their first contribution in https://github.com/external-secrets/external-secrets/pull/3695
• @​zazathomas made their first contribution in https://github.com/external-secrets/external-secrets/pull/3710
• @​rumenvasilev made their first contribution in https://github.com/external-secrets/external-secrets/pull/3722
• @​trenslow made their first contribution in https://github.com/external-secrets/external-secrets/pull/3744
• @​c-neto made their first contribution in https://github.com/external-secrets/external-secrets/pull/3725
• @​mysteq made their first contribution in https://github.com/external-secrets/external-secrets/pull/3747

Full Changelog: external-secrets/external-secrets@v0.9.20...v0.10.0

v0.9.20

Compare Source

Image: ghcr.io/external-secrets/external-secrets:v0.9.20
Image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi
Image: ghcr.io/external-secrets/external-secrets:v0.9.20-ubi-boringssl

What's Changed

• bump 0.9.19 by @​knelasevero in https://github.com/external-secrets/external-secrets/pull/3553
• Fix typo: temaplate --> template by @​lindhe in https://github.com/external-secrets/external-secrets/pull/3554
• Oracle Vault Provider Documentation by @​anders-swanson in https://github.com/external-secrets/external-secrets/pull/3551
• feat: add location to GCP push secret by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3502
• add log.level and log.encoding to all components by @​KyriosGN0 in https://github.com/external-secrets/external-secrets/pull/3558
• chore(deps): bump github/codeql-action from 3.25.7 to 3.25.8 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3561
• chore(deps): bump aquasecurity/trivy-action from 0.21.0 to 0.22.0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3562
• chore(deps): bump tornado from 6.4 to 6.4.1 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3563
• chore(deps): bump packaging from 24.0 to 24.1 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3564
• chore(deps): bump mkdocs-material from 9.5.25 to 9.5.26 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3565
• chore(deps): bump zipp from 3.19.1 to 3.19.2 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3566
• chore(deps): bump ubi8/ubi-minimal from 9e458f4 to 5f1cd34 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3568
• chore(deps): bump golang from 1.22.3-bookworm to 1.22.4-bookworm in /e2e by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3569
• chore(deps): bump golang from 1.22.3 to 1.22.4 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3567
• Infisical provider by @​akhilmhdh in https://github.com/external-secrets/external-secrets/pull/3477
• feat: kick github actions on main by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3572
• feat: add support to set Type for AWS parameter store by @​vsantos in https://github.com/external-secrets/external-secrets/pull/3576
• Remove shuheiktgw from maintainers by @​shuheiktgw in https://github.com/external-secrets/external-secrets/pull/3573
• Add device42 provider by @​smcavallo in https://github.com/external-secrets/external-secrets/pull/3571
• ref: parameter store should be called only once by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3584
• chore: update dependencies by @​eso-service-account-app in https://github.com/external-secrets/external-secrets/pull/3570
• feat(certcontroller): Allow restricting CRDs and Webhook configs in Informer cache by @​toVersus in https://github.com/external-secrets/external-secrets/pull/3588
• Support glob for namespaces condition in ClusterSecretStore by @​speedfl in https://github.com/external-secrets/external-secrets/pull/2920
• Fix typo privatKey in multiple files by @​IdanAdar in https://github.com/external-secrets/external-secrets/pull/3578
• chore(deps): bump mkdocs-material from 9.5.26 to 9.5.27 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3595
• chore(deps): bump github/codeql-action from 3.25.8 to 3.25.10 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3591
• chore(deps): bump codecov/codecov-action from 4.4.1 to 4.5.0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3592
• chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3590
• chore: update dependencies by @​eso-service-account-app in https://github.com/external-secrets/external-secrets/pull/3596
• chore(deps): bump golang from aec4784 to 9678844 in /e2e by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3593
• chore(deps): bump golang from 9bdd569 to 6522f0c by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3594
• feat(chart): Enable partial cache for certcontroller when installCRDs=true by @​toVersus in https://github.com/external-secrets/external-secrets/pull/3589
• Add skip unmanaged store logic for push secret controller by @​Bude8 in https://github.com/external-secrets/external-secrets/pull/3123
• fix(vault): Fix crash when caching is enabled and a token expires by @​agunnerson-elastic in https://github.com/external-secrets/external-secrets/pull/3598
• Remove the use of "golang.org/x/crypto/pkcs12" by @​yihuaf in https://github.com/external-secrets/external-secrets/pull/3601
• Make UBI more tolerable from OS vulnerabilities by @​IdanAdar in https://github.com/external-secrets/external-secrets/pull/3607
• fix: explicitly fetch status subresource due to inconsistencies by @​moolen in https://github.com/external-secrets/external-secrets/pull/3608
• Adds codepath for removing finalizers by @​lllamnyp in https://github.com/external-secrets/external-secrets/pull/3610
• chore: update dependencies by @​eso-service-account-app in https://github.com/external-secrets/external-secrets/pull/3624
• chore(deps): bump alpine from 3.20.0 to 3.20.1 in /e2e by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3622
• chore(deps): bump alpine from 77726ef to b89d9c9 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3621
• chore(deps): bump golang from 6522f0c to ace6cc3 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3620
• chore(deps): bump urllib3 from 2.2.1 to 2.2.2 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3618
• chore(deps): bump importlib-metadata from 7.1.0 to 7.2.1 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3617
• chore(deps): bump livereload from 2.6.3 to 2.7.0 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3616
• chore(deps): bump aquasecurity/trivy-action from 0.22.0 to 0.23.0 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3615
• chore(deps): bump softprops/action-gh-release from 2.0.5 to 2.0.6 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3614
• Fix ACR External Secret example by @​ellenfieldn in https://github.com/external-secrets/external-secrets/pull/3626
• feat: add bitwarden secret manager support by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3603
• fix: e2e installation of ESO needs to update dependencies first by @​Skarlso in https://github.com/external-secrets/external-secrets/pull/3635
• added secretserver env vars to e2e.yml by @​pacificcode in https://github.com/external-secrets/external-secrets/pull/3636
• docs: fix dataFrom.find in ExternalSecret api example by @​sboschman in https://github.com/external-secrets/external-secrets/pull/3633
• chore: update dependencies by @​eso-service-account-app in https://github.com/external-secrets/external-secrets/pull/3641
• chore(deps): bump github/codeql-action from 3.25.10 to 3.25.11 by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3640
• chore(deps): bump importlib-metadata from 7.2.1 to 8.0.0 in /hack/api-docs by @​dependabot in https://github.com/external-secrets/external-secrets/pull/3639
• add AuthRef to kubernetes provider fixes #​3627 by @​kaedwen in [https://github.com/external-

---

Configuration

📅 Schedule: Branch creation - "on saturday" in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

--- HelmRelease: security/external-secrets ClusterRole: security/external-secrets-cert-controller

+++ HelmRelease: security/external-secrets ClusterRole: security/external-secrets-cert-controller

@@ -20,15 +20,23 @@

   - patch
 - apiGroups:
   - admissionregistration.k8s.io
   resources:
   - validatingwebhookconfigurations
   verbs:
-  - get
   - list
   - watch
+  - get
+- apiGroups:
+  - admissionregistration.k8s.io
+  resources:
+  - validatingwebhookconfigurations
+  resourceNames:
+  - secretstore-validate
+  - externalsecret-validate
+  verbs:
   - update
   - patch
 - apiGroups:
   - ''
   resources:
   - endpoints
--- HelmRelease: security/external-secrets ClusterRole: security/external-secrets-controller

+++ HelmRelease: security/external-secrets ClusterRole: security/external-secrets-controller

@@ -36,23 +36,26 @@

   - clusterexternalsecrets/status
   - clusterexternalsecrets/finalizers
   - pushsecrets
   - pushsecrets/status
   - pushsecrets/finalizers
   verbs:
+  - get
   - update
   - patch
 - apiGroups:
   - generators.external-secrets.io
   resources:
   - acraccesstokens
   - ecrauthorizationtokens
   - fakes
   - gcraccesstokens
+  - githubaccesstokens
   - passwords
   - vaultdynamicsecrets
+  - webhooks
   verbs:
   - get
   - list
   - watch
 - apiGroups:
   - ''
--- HelmRelease: security/external-secrets ClusterRole: security/external-secrets-view

+++ HelmRelease: security/external-secrets ClusterRole: security/external-secrets-view

@@ -26,13 +26,15 @@

   - generators.external-secrets.io
   resources:
   - acraccesstokens
   - ecrauthorizationtokens
   - fakes
   - gcraccesstokens
+  - githubaccesstokens
   - passwords
   - vaultdynamicsecrets
+  - webhooks
   verbs:
   - get
   - watch
   - list
 
--- HelmRelease: security/external-secrets ClusterRole: security/external-secrets-edit

+++ HelmRelease: security/external-secrets ClusterRole: security/external-secrets-edit

@@ -27,14 +27,16 @@

   - generators.external-secrets.io
   resources:
   - acraccesstokens
   - ecrauthorizationtokens
   - fakes
   - gcraccesstokens
+  - githubaccesstokens
   - passwords
   - vaultdynamicsecrets
+  - webhooks
   verbs:
   - create
   - delete
   - deletecollection
   - patch
   - update
--- HelmRelease: security/external-secrets Deployment: security/external-secrets-cert-controller

+++ HelmRelease: security/external-secrets Deployment: security/external-secrets-cert-controller

@@ -34,23 +34,26 @@

             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
           runAsUser: 1000
           seccompProfile:
             type: RuntimeDefault
-        image: ghcr.io/external-secrets/external-secrets:v0.9.14
+        image: ghcr.io/external-secrets/external-secrets:v0.10.3
         imagePullPolicy: IfNotPresent
         args:
         - certcontroller
         - --crd-requeue-interval=5m
         - --service-name=external-secrets-webhook
         - --service-namespace=security
         - --secret-name=external-secrets-webhook
         - --secret-namespace=security
         - --metrics-addr=:8080
         - --healthz-addr=:8081
+        - --loglevel=info
+        - --zap-time-encoding=epoch
+        - --enable-partial-cache=true
         ports:
         - containerPort: 8080
           protocol: TCP
           name: metrics
         readinessProbe:
           httpGet:
--- HelmRelease: security/external-secrets Deployment: security/external-secrets

+++ HelmRelease: security/external-secrets Deployment: security/external-secrets

@@ -34,16 +34,19 @@

             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
           runAsUser: 1000
           seccompProfile:
             type: RuntimeDefault
-        image: ghcr.io/external-secrets/external-secrets:v0.9.14
+        image: ghcr.io/external-secrets/external-secrets:v0.10.3
         imagePullPolicy: IfNotPresent
         args:
         - --concurrent=1
         - --metrics-addr=:8080
+        - --loglevel=info
+        - --zap-time-encoding=epoch
         ports:
         - containerPort: 8080
           protocol: TCP
           name: metrics
+      dnsPolicy: ClusterFirst
 
--- HelmRelease: security/external-secrets Deployment: security/external-secrets-webhook

+++ HelmRelease: security/external-secrets Deployment: security/external-secrets-webhook

@@ -34,22 +34,24 @@

             - ALL
           readOnlyRootFilesystem: true
           runAsNonRoot: true
           runAsUser: 1000
           seccompProfile:
             type: RuntimeDefault
-        image: ghcr.io/external-secrets/external-secrets:v0.9.14
+        image: ghcr.io/external-secrets/external-secrets:v0.10.3
         imagePullPolicy: IfNotPresent
         args:
         - webhook
         - --port=10250
         - --dns-name=external-secrets-webhook.security.svc
         - --cert-dir=/tmp/certs
         - --check-interval=5m
         - --metrics-addr=:8080
         - --healthz-addr=:8081
+        - --loglevel=info
+        - --zap-time-encoding=epoch
         ports:
         - containerPort: 8080
           protocol: TCP
           name: metrics
         - containerPort: 10250
           protocol: TCP

[github-actions]

--- kubernetes/apps/security/external-secrets/app Kustomization: flux-system/external-secrets HelmRelease: security/external-secrets

+++ kubernetes/apps/security/external-secrets/app Kustomization: flux-system/external-secrets HelmRelease: security/external-secrets

@@ -13,13 +13,13 @@

     spec:
       chart: external-secrets
       sourceRef:
         kind: HelmRepository
         name: external-secrets
         namespace: flux-system
-      version: 0.9.14
+      version: 0.10.3
   install:
     remediation:
       retries: 3
   interval: 30m
   maxHistory: 2
   uninstall: